Add the domain to Cloudflare

Wait for the scanning to complete; if possible you can click ‘Continue Setup’. CloudFlare will now list all the DNS records for that domain.

Double check to make sure it’s all perfect, so that CloudFlare will use these on its server.

Click ‘Continue’.

Select ‘Free Website’, and continue.

Update your nameservers to Cloudflare’s nameservers

Now, We’ll be changing the nameservers to what was listed on CloudFlare

Login to your domain hosting provider and change to the Nameservers as found on Cloudflare e.g. lina.ns.cloudflare.com.

If you aren’t sure how to edit your nameservers, please feel free to contact your domain hosting provider and provide them the 2 nameservers given from Cloudflare.

Once you’re done updating to the new CloudFlare nameservers, you will begin to immediately see the propagation take place. Your website will not go down, since CloudFlare is using your exact same DNS records.

Type in your domain name e.g. micsumner.com and Choose ‘NS’, and click ‘Search’.

Now, we’ll have to setup the actual SSL of Cloudflare’s!

Setup the ‘Flexible SSL’

Now, what’s most important is to check that the ‘Flexible SSL’ is done being issued.

On your CloudFlare page, on one of the icons, click ‘Crypto’.

And we’ll have to choose the ‘Flexible’ option.

The issuing would take around 7 minutes. Once the blue text ‘issuing certificate’ becomes the Green Status ‘Active Certificate’, your certificate has now been issued as Flexible SSL! See here for the reason we need to choose Flexible SSL.

We got the site’s SSL working when we visit it’s https:// version. Check! Now it’s time to implement the https:// version across the website. And also any related apps which you’ll need to update to https://… like Google Analytics, or your Facebook page ‘website URL’. You might want to download Screaming Frog.

Perform an HTTPS migration

Before we change to HTTPS, first do a Screaming frog ‘Crawl’.

Next, Once we can test our website is working on HTTPS, we can install the plugin ‘CloudFlare Flexible SSL’ for WordPress before we make the actual changes to https version.

Now we’ll change the URLs to HTTPS across the website, so that we’ll not get mixed content.

Install a find-replace plugin like ‘Better Search Replace’ for WordPress, to find all instances of http://www.yoursite.com and replace with https://www.yoursite.com. It’s recommended to do a database backup before this.

Once again, perform a Screaming Frog crawl of the website, to check that we don’t have any more remaining http:// left on the website and that any have been redirected to https.

And finally, we’ll update our external apps like Google Search Console, and Google Analytics by adding/updating these to HTTPS properties.

Hey, we’re Done!

I’d highly recommend the use of CloudFlare if you have a simple website but don’t have the quick option to install Let’s Encrypt Open SSL, nor do you have a CDN to host such files from.

Through the use of the CloudFlare reverse-proxy (that’s what happened when CloudFlare used your DNS records and told you to change to their nameservers), you’ll be hosting the files normally as you would do without any of these changes, but you get the protection/shield from CloudFlare like a Firewall too, and anti-DDoS attacks!